SYSTEM AND METHOD FOR REMOTE CONTROL AND MANAGEMENT OF WIRELESS DEVICES

Cross-Reference to Related Applications 

The benefit of provisional application 60/251,034, filed December 5, 2000, under 
35 U.S.C. § 119(e), is hereby claimed.

Field of the Invention 

The present invention relates to a system and method for managing, controlling,
and reconfiguring wireless devices remotely over a wireless network.

Background of the Invention 

Currently, there are various implemented and proposed protocols to manage,
control, and reconfigure computer systems remotely over a network via a central
console. Such protocols are designed for an environment in which the computer
systems to be managed are connected to the central console by fixed wiring, such as
twisted pair wire, coaxial cable, or fiber optic cable. Management and control methods
for networks that utilize fixed wiring assume that the network is quite reliable. In
addition, many protocols are designed for a controlled network environment, such as a
local area network, in which the computing environment is secure. Such security may
be provided by use of a firewall to connect the local area network to other networks.

However, networks utilizing fixed wiring are limited in that mobile devices
cannot be configured onto a fixed network and so cannot be utilized. In addition, in
many situations, the installation of the fixed wiring may be expensive or infeasible.
Wireless networks provide these capabilities that fixed networks lack. Thus, a need
arises for a technique that will allow computer systems to be remotely managed,
controlled, and reconfigured using a wireless network. Network considerations in a
wireless network are different from those in a fixed network. For example, wireless
connections are not as reliable as fixed connections, due to interference and other
reception difficulties. In addition, security considerations in a wireless network are
different, in that wireless signals carrying data are much more subject to interception
than are signals carrying data in a fixed network. A need arises for a technique that
provides the capability to manage, control, and reconfigure wireless devices remotely
over a wireless network with acceptable reliability and security.

Summary of the Invention

The present invention is a method, system, and computer program product that
provides the capability to manage, control, and reconfigure wireless devices remotely
over a wireless network with acceptable reliability and security. In one embodiment, the
present invention is a method for remotely managing a wireless device over a wireless
network comprising a server and the wireless device, the wireless network operable to
communicatively connect the server and the wireless device, the method comprising the
steps of: transmitting registration information relating to the wireless device from the
wireless device to the server, verifying the registration information at the server,
establishing a mailbox for the wireless device at the server, placing a command for the
wireless device in the mailbox, delivering the command from the mailbox to the
wireless device, and executing the command at the wireless device.

In one aspect of the present invention, the delivering step comprises the steps of: 
establishing a connection between the wireless device and the server, transmitting a 
request for contents of the mailbox from the wireless device to the server, and 
transmitting the contents of the mailbox from the server to the wireless device. The 
connection may be established periodically or the connection may be established based 
on a threshold condition. 

In one aspect of the present invention, the delivering step comprises the steps of: 
establishing a connection between the wireless device and the server, transmitting the 
contents of the mailbox from the server to the wireless device without a request from the 
wireless device, and accepting the contents of the mailbox at the wireless device. The 
connection may be established periodically or the connection may be established based 
on a threshold condition. 

In one aspect of the present invention, the command comprises one of:
enabling/disabling access of the wireless device to the server, enabling/disabling
applications that may run on the wireless device, erasing all or part of contents of the
wireless device, transmitting new programs and data to the wireless device, querying a
current state of the wireless device, monitoring a level of a battery in the wireless
device, and monitoring the location of the wireless device in the wireless network.

In one aspect of the present invention, the method further comprises the step of 
transmitting information relating to execution of the command at the wireless device 
from the wireless device to the server. The information relating to execution of the 
command may be transmitted periodically or the information relating to execution of the 
command may be transmitted based on a threshold condition of the wireless device. 

In another embodiment, the present invention is a method for remotely managing 
a wireless device over a wireless network comprising the steps of: receiving registration 
information from the wireless device, verifying the received registration information, 
placing a command for the wireless device in a mailbox, and delivering the command to 
the wireless device. 

In one aspect of the present invention, the delivering step comprises the steps of: 
establishing a connection with the wireless device, receiving a request for contents of 
the mailbox from the wireless device, and transmitting the contents of the mailbox to the 
wireless device. The connection may be established periodically or the connection may 
be established based on a threshold condition. 

In one aspect of the present invention, the delivering step comprises the steps of:
establishing a connection with the wireless device and transmitting the contents of the
mailbox to the wireless device without a request from the wireless device. The
connection may be established periodically or the connection may be established based
on a threshold condition.

In one aspect of the present invention, the command comprises one of: 
enabling/disabling access of the wireless device to the server, enabling/disabling 
applications that may run on the wireless device, erasing all or part of contents of the 
wireless device, transmitting new programs and data to the wireless device, querying a 
current state of the wireless device, monitoring a level of a battery in the wireless 
device, and monitoring the location of the wireless device in the wireless network. 

In one aspect of the present invention, the method further comprises the step of 
receiving information relating to execution of the command at the wireless device from 
the wireless device. 

Brief Description of the Drawings 

The details of the present invention, both as to its structure and operation, can
best be understood by referring to the accompanying drawings, in which like reference
numbers and designations refer to like elements.

Fig. 1 is an exemplary block diagram of a network system in which the present
invention may be implemented.

Fig. 2 is an exemplary block diagram of a wireless network system 200
incorporating the remote management technique of the present invention.

Fig. 3 is an exemplary block diagram of the management server shown in Fig. 1.

Fig. 4 is an exemplary flow diagram of a process for remotely managing devices
over a wireless network, according to the present invention.

Fig. 5 is a data flow diagram of the operation of the process shown in Fig. 4.



Detailed Description of the Invention

An exemplary block diagram of a network system 100 in which the present
invention may be implemented is shown in Fig. 1. Network system 100 includes
wireless network 102. Wireless network 102 provides communicative interconnection
of a plurality of devices, such as client systems 106A - 106Z and 110A - 110Z and
servers 108A - 108N and 112A - 112N. The transmission medium in a wireless network
is typically electromagnetic radiation, such as radio waves or light. Wireless network
102 may include one or more local area networks (LANs), one or more wide area
networks (WANs), or both LANs and WANs. One or more networks may be included
in wireless network 102 and may include both public networks, such as the Internet, and
private networks and may utilize any networking technology and protocol, such as
Ethernet, Token Ring, Transmission Control Protocol/Internet Protocol (TCP/IP), etc.
Although not shown in Fig. 1, wireless network 102 may connect, interconnect, or
interface with one or more other wireless networks or with one or more wireline
networks. The transmission medium in a wireline network is wire, such as copper wire, or
the equivalent of wire, such as fiber optic cable. Wireline networks may include one or
more local area networks (LANs), one or more wide area networks (WANs), or both
LANs and WANs. The wireline networks may include both public networks, such as
the Internet, and private networks and may utilize any networking technology and
protocol, such as Ethernet, Token Ring, Transmission Control Protocol/Internet Protocol
(TCP/IP), etc.

Client systems 106A - 106Z and 110A - 110Z may include any type of electronic
data processing system or communication device. Examples of such electronic data
processing systems include personal computer systems, such as desktop or laptop
computers, workstation computer systems, server computer systems, networks of
computer systems, personal digital assistants (PDAs), wireless communications devices,
such as cellular telephones, etc. In an embodiment in which the client systems are
computer systems, the computer systems may connect directly to network 102, or the
computer systems may connect indirectly to network 102 through one or more other
networks, gateways, firewalls, etc. Likewise, the connection to network 102 may be
wired, wireless, or a combination of wired and wireless. In an embodiment in which the
client systems are other types of devices, such as PDAs or wireless devices, the
connection to network 102 may be direct or indirect, wired, wireless, or a combination
of wired and wireless, as is appropriate. Typically, the user interface of client systems
106A - 106Z and 110A - 110Z is a graphical user interface, but other interfaces may be
used as well. For example, the client systems may include conventional landline
telephones or cellular telephones communicatively connected to a touch-tone response
unit or a voice response unit, which accepts touch-tone or voice commands and
transmits them over network 102 and which receives responses over network 102,
converts the received responses to audio, and transmits the received responses to the
client systems.

Management server 114 is also communicatively connected to network 102.
Management server 114 interfaces with wireless network 102 and with multiple servers
and clients that are connected to network 102 and provides remote management of those
servers and clients over wireless network 102.

An exemplary block diagram of a wireless network system 200 incorporating the
remote management technique of the present invention is shown in Fig. 2. System 200
includes wireless network 102, management server 112 and a plurality of remotely
managed devices 202A - 202Z. Remotely managed devices 202A - 202Z may include
both client and server systems shown in Fig. 1. Each remotely managed device includes a
management agent 204, which is typically a software process that provides the
capability for management server 114 to remotely manage the device. Management
server 114 communicates with each remotely managed device using wireless
network 102. The information that is communicated is directed to or originated from
the management agent that is running on the device. Management server 114 typically
transmits commands to each remotely managed device. These commands are directed to
the management agent running on the device and are then carried out on the device
under the control of the management agent. Typical commands that may be transmitted
from management server 114 are enabling/disabling access of the remotely managed
device to the server, enabling/disabling applications that may run on the remotely
managed device, erasing all or part of the device contents, such as programs and data,
transmitting new programs and data to a device, querying the current state of the device,
etc. Some commands cause the remotely managed device to transmit data to
management server 114. In this situation, the management agent on the device
originates a transmission of the data to management server 114 over wireless network
102.

An exemplary block diagram of management server 114 is shown in Fig. 3.
Management server 114 is typically a programmed general-purpose computer system,
such as a personal computer, workstation, server system, and minicomputer or
mainframe computer. Management server 114 includes processor (CPU) 302,
input/output circuitry 304, network adapter 306, and memory 308. CPU 302 executes
program instructions in order to carry out the functions of the present invention.
Typically, CPU 302 is a microprocessor, such as an INTEL PENTIUM® processor,
but may also be a minicomputer or mainframe computer processor. Fig. 3 illustrates
an embodiment in which management server 114 is implemented as a single processor
computer system. However, the present invention contemplates embodiments in
which management server 114 is implemented as a multi-processor system, in which
multiple processors 302A-402N share system resources, such as memory 308,
input/output circuitry 304, and network adapter 306. The present invention also
contemplates embodiments in which management server 114 is implemented as a
plurality of networked computer systems, which may be single-processor computer
systems, multi-processor computer systems, or a mix thereof.

Input/output circuitry 304 provides the capability to input data to, or output
data from, computer system 300. For example, input/output circuitry may include
input devices, such as keyboards, mice, touchpads, trackballs, scanners, etc., output
devices, such as video adapters, monitors, printers, etc., and input/output devices, such
as modems, etc. Network adapter 306 interfaces management server 114 with
wireless network 102, shown in Fig. 1.

Memory 308 stores program instructions that are executed by, and data that are
used and processed by, CPU 302 to perform the functions of the present invention.
Memory 308 may include electronic memory devices, such as random-access memory
(RAM), read-only memory (ROM), programmable read-only memory (PROM),
electrically erasable programmable read-only memory (EEPROM), flash memory,
etc., and electro-mechanical memory, such as magnetic disk drives, tape drives,
optical disk drives, etc., which may use an integrated drive electronics (IDE) interface,
or a variation or enhancement thereof, such as enhanced IDE (EIDE) or ultra direct
memory access (UDMA), or a small computer system interface (SCSI) based
interface, or a variation or enhancement thereof, such as fast-SCSI, wide-SCSI, fast
and wide-SCSI, etc., or a fiber channel-arbitrated loop (FC-AL) interface.

Memory 308 includes management data 312, mailbox 314, management
protocol routines 316, management processing routines 318, and operating system
320. Management data 312 includes data relating to each remotely managed device
being managed by management server 114. Management data 312 includes data such
as the current state and identity of each remotely managed device. This data is
obtained from the management agent running on each remotely managed device.
Mailbox 314 stores commands that are to be delivered to remotely managed devices
so that the devices can retrieve the commands. Management protocol routines 316
include software that implements the protocols that communicate the remote
management commands to devices over wireless network 102. Management
processing routines 318 include software that receives or determines the remote
management commands that are to be communicated to the remotely managed devices
by management protocol routines 314. Operating system 320 provides overall system
functionality.

A process 400 for remotely managing devices over a wireless network,
according to the present invention, is shown in Fig. 4. It is best viewed in conjunction
with Fig. 5, which is a data flow diagram of the operation of process 400. Process 400
begins with step 402, in which a remotely managed device, such as remotely managed
device 502, is activated. Device 502 runs management agent 504, which transmits
registration event message 506 to management server 508. Registration event
message 506 includes information identifying device 502 and information relating to
the state of the device. Registration event message 506, and all communications
between device 502 and management server 508, is transmitted using a security
protocol that ensures that only authorized remotely managed devices, running
authorized management agents, can communicate with management server 506.
Preferably, the security mechanism used is based on public key encryption, but any
other security mechanism that provides adequate security may also be used.

In step 404, the management server verifies the registration event by checking 
the validity of the information contained in registration event message 506. In 
particular, management server 508 verifies the identity of remotely managed device 
502. Upon verification of device 502, management server 508 registers device 502 by 
storing registration information relating to device 502 in management data 510. The 
registration information includes the identity and state of device 502. Management 
server 508 establishes a mailbox 512 for the newly registered remotely managed 
device 502. Management server 506 also transmits a message 514 acknowledging 
successful registration of remotely managed device 502 to the device. 

In step 406, management server 508 places commands intended for remotely
managed device 502 in mailbox 512. Such commands may include, for example:

• enabling/disabling access of the remotely managed device to the server
• enabling/disabling applications that may run on the remotely managed device
• erasing all or part of the device contents, such as programs and data
• transmitting new programs and data to a device
• querying the current state of the device
• monitoring the level of the battery in the device
• monitoring the location of the device in the wireless network, including foreign
  networks.

In steps 408 and 410, the commands stored in mailbox 512 are delivered to the
remotely managed device. In particular, in step 408, a connection 516 is established
between management agent 504, running on remotely managed device 502, and
management server 508. Upon connection 516 being established, the commands that
were stored in mailbox 512 in step 406 are transmitted 518 to device 502. This protocol
is applicable to both push and pull devices. A pull device is a device that must request
data before the data is transmitted to the device. A push device is a device to which data
is transmitted without the device requesting the data, but which will nevertheless accept
the data. In an embodiment in which remotely managed device 502 is a pull device, the
management agent running on device 502 will occasionally connect to management
server 508 and request the commands in mailbox 512. In an embodiment in which
remotely managed device 502 is a push device, management server 508 will
occasionally connect to remotely managed device 502 and transmit the commands in
mailbox 512 to management agent 504. In both embodiments, the connections may be
made periodically, based on some defined time interval, or they may be made based on
predefined threshold conditions.

In step 410, management agent 504 executes the retrieved commands and
transmits a notification message 520 that informs management server 508 of the results
of executing each command. In addition, if one or more of the commands were to
monitor parameters of remotely managed device 502, then, in step 412, management
agent 504 will transmit the monitored information 522 to management server 508. The
transmissions may be periodic, based on some defined time interval, or they may be
based on the values of certain parameters of device 502 in relation to predefined
threshold conditions. The time intervals or threshold conditions may be inherent in
device 502, or they may be transmitted as parameters or data related to the commands
that were retrieved by device 502.
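
The following added example (not code from the patent) sketches the pull-device flow of steps 402 to 410 in Python: authenticated registration, mailbox establishment, mailbox retrieval, and command execution. It substitutes an HMAC over a per-device pre-shared key for the public key mechanism the description prefers, and every class name, message field, and command name is an assumption made for illustration.

```python
import hashlib
import hmac
import json

def tag(key, msg):
    """HMAC-SHA256 over a canonical JSON encoding of the message."""
    body = json.dumps(msg, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def verify(key, msg, mac):
    return key is not None and hmac.compare_digest(tag(key, msg), mac)

class ManagementServer:
    def __init__(self, enrolled_keys):
        self.keys = enrolled_keys   # device_id -> key, provisioned out of band (assumption)
        self.management_data = {}   # device_id -> state reported at registration
        self.mailboxes = {}         # device_id -> pending commands
        self.last_counter = {}      # device_id -> highest fetch counter accepted

    def register(self, msg, mac):   # step 404: verify first, then establish the mailbox
        dev = msg.get("device_id")
        if msg.get("type") != "register" or not verify(self.keys.get(dev), msg, mac):
            return False
        self.management_data[dev] = msg["state"]
        self.mailboxes.setdefault(dev, [])
        return True

    def place_command(self, dev, command):  # step 406: only registered devices have a mailbox
        self.mailboxes[dev].append(command)

    def fetch(self, msg, mac):      # step 408, pull device: answer an authenticated request
        dev = msg.get("device_id")
        if (msg.get("type") != "fetch" or dev not in self.mailboxes
                or not verify(self.keys.get(dev), msg, mac)
                or msg["counter"] <= self.last_counter.get(dev, 0)):
            return None             # unknown device, bad MAC, or replayed request
        self.last_counter[dev] = msg["counter"]
        commands, self.mailboxes[dev] = self.mailboxes[dev], []
        reply = {"type": "mailbox", "device_id": dev, "counter": msg["counter"], "commands": commands}
        return reply, tag(self.keys[dev], reply)

class ManagementAgent:
    def __init__(self, device_id, key):
        self.device_id, self.key, self.counter = device_id, key, 0
        self.state = {"access_enabled": True, "battery": 80}

    def _signed(self, msg):
        return msg, tag(self.key, msg)

    def registration_event(self):
        return self._signed({"type": "register", "device_id": self.device_id,
                             "state": dict(self.state)})

    def mailbox_request(self):
        self.counter += 1
        return self._signed({"type": "fetch", "device_id": self.device_id,
                             "counter": self.counter})

    def execute(self, reply, mac):  # step 410: act only on an authentic reply to our last request
        if (not verify(self.key, reply, mac) or reply.get("type") != "mailbox"
                or reply.get("counter") != self.counter):
            return []
        results = []
        for cmd in reply["commands"]:
            ok = cmd["op"] == "disable_access"   # the one command this sketch implements
            if ok:
                self.state["access_enabled"] = False
            results.append({"op": cmd["op"], "ok": ok})
        return results
```

The message `type` field keeps a device's own request from being reflected back to it as a command reply, which matters here because both directions share one key. The list returned by `execute` corresponds to the content of notification message 520.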

It is important to note that while the present invention has been described in the
context of a fully functioning data processing system, those of ordinary skill in the art
will appreciate that the processes of the present invention are capable of being
distributed in the form of a computer readable medium of instructions and a variety of
forms and that the present invention applies equally regardless of the particular type of
signal bearing media actually used to carry out the distribution. Examples of computer
readable media include recordable-type media such as floppy disc, a hard disk drive,
RAM, and CD-ROM's, as well as transmission-type media, such as digital and analog
communications links.

Although specific embodiments of the present invention have been described, it
will be understood by those of skill in the art that there are other embodiments that are
equivalent to the described embodiments. Accordingly, it is to be understood that the
invention is not to be limited by the specific illustrated embodiments, but only by the
scope of the appended claims.